Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/D741981CB85811EDA32AF260C4F9AE02.roa
File: D741981CB85811EDA32AF260C4F9AE02.roa (raw, json)
Hash identifier: b4tKaVCRmBuNXJ3ZuQAoIkntfWZhSewEF9xdBZwGZVc=
Subject key identifier: 05:E8:A8:68:4E:2E:7C:47:5D:B8:4E:35:2A:B0:C5:22:AE:8B:C3:48
Certificate issuer: /CN=A91B9E19/serialNumber=255290A01AA9B9118B66EEDA0F905F6D40DB05AE
Certificate serial: 0C07
Authority key identifier: 25:52:90:A0:1A:A9:B9:11:8B:66:EE:DA:0F:90:5F:6D:40:DB:05:AE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JVKQoBqpuRGLZu7aD5BfbUDbBa4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/D741981CB85811EDA32AF260C4F9AE02.roa
Signing time: Wed 01 Mar 2023 17:45:23 +0000
ROA not before: Wed 01 Mar 2023 17:45:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 140224
IP address blocks: 220.158.194.0/24 maxlen: 24
220.158.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3079 (0xc07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B9E19/serialNumber=255290A01AA9B9118B66EEDA0F905F6D40DB05AE
Validity
Not Before: Mar 1 17:45:23 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63ff8f32-3f1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:12:c2:33:8d:c4:46:0c:67:5b:85:f3:4c:7c:
74:f2:21:d2:8a:1e:80:90:eb:a1:47:48:e7:50:b1:
4c:aa:e1:84:87:d6:bb:73:0d:06:9d:15:9f:1f:64:
04:7d:2e:ad:a8:c4:3c:04:1a:f0:ef:7e:84:3a:0d:
4e:13:26:14:d6:3c:93:6b:88:24:d6:67:c0:53:a1:
ae:63:e5:1d:86:98:bc:5a:46:d1:fa:d8:45:9d:d6:
b2:04:57:c0:56:65:7c:41:52:31:75:bf:11:18:32:
46:4f:00:2d:07:e0:a2:c8:8d:68:52:fd:84:23:54:
ec:cc:1e:43:75:4a:f1:b2:b8:c3:1e:19:11:7b:28:
3d:a9:0e:0b:1d:33:98:9f:36:65:db:8e:85:d0:17:
e1:30:4f:28:6a:c6:81:99:1b:a2:69:4b:3e:a0:06:
81:03:96:ef:68:a3:db:de:c7:68:0d:aa:b4:d4:bb:
43:5d:d5:2d:6e:dc:ab:66:c1:8c:64:d2:54:ba:e0:
c4:f3:3f:c1:56:10:13:ca:b3:53:f4:ee:14:f3:f8:
94:1a:14:e0:0a:c8:b8:40:ee:23:94:87:ea:ac:0c:
49:cc:d2:37:1f:9c:47:ce:8b:18:5a:04:86:89:94:
f0:2c:8a:30:05:13:58:be:b0:c6:90:a6:8b:d8:1d:
fc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:E8:A8:68:4E:2E:7C:47:5D:B8:4E:35:2A:B0:C5:22:AE:8B:C3:48
X509v3 Authority Key Identifier:
keyid:25:52:90:A0:1A:A9:B9:11:8B:66:EE:DA:0F:90:5F:6D:40:DB:05:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/JVKQoBqpuRGLZu7aD5BfbUDbBa4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JVKQoBqpuRGLZu7aD5BfbUDbBa4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/D741981CB85811EDA32AF260C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
220.158.194.0/23
Signature Algorithm: sha256WithRSAEncryption
87:7c:fc:13:39:a0:92:16:e9:7b:a9:67:37:99:0b:b7:17:b3:
48:48:d6:86:e0:ea:1b:af:69:70:a3:31:67:bb:72:7c:88:18:
33:ca:d2:3b:84:f7:1f:24:73:37:fd:24:27:d6:7a:70:54:d2:
f5:b8:4d:cf:71:6d:7f:a6:d6:73:5c:21:f3:42:25:45:93:da:
c7:89:d2:53:66:44:22:68:c4:26:2a:03:1e:39:ad:9f:10:5f:
dd:bc:7d:52:a2:df:a9:c5:09:73:14:fb:73:2a:54:06:c2:4c:
c7:19:ea:fa:9b:06:49:56:68:82:98:e2:bd:3b:2b:02:b3:c2:
aa:fc:48:54:57:2b:5d:00:cf:4c:99:a5:94:11:30:6e:dd:50:
3c:b1:03:d1:08:8b:d4:0b:50:31:3d:06:b8:2c:92:d2:e0:6a:
39:38:f6:a7:e1:b5:b9:7e:58:2d:f1:a7:ed:d2:36:22:19:29:
4e:63:86:a3:c3:3a:98:f6:d1:47:5a:1c:d4:07:10:a8:98:9f:
85:36:fb:d5:d0:dd:11:80:d4:29:64:70:58:0a:b3:5a:1f:2e:
29:da:8b:8b:c6:10:38:89:78:bf:ee:5d:a4:00:8b:57:eb:15:
74:fd:cc:22:ef:7f:02:4a:fc:a2:14:71:76:5e:c3:60:32:c9:
8f:a8:62:40
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDAcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjlFMTkxMTAvBgNVBAUTKDI1NTI5MEEwMUFBOUI5MTE4QjY2RUVEQTBGOTA1RjZE
NDBEQjA1QUUwHhcNMjMwMzAxMTc0NTIzWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ZmOGYzMi0zZjFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArxLCM43ERgxnW4XzTHx08iHSih6AkOuhR0jnULFMquGEh9a7cw0GnRWfH2QE
fS6tqMQ8BBrw736EOg1OEyYU1jyTa4gk1mfAU6GuY+Udhpi8WkbR+thFndayBFfA
VmV8QVIxdb8RGDJGTwAtB+CiyI1oUv2EI1TszB5DdUrxsrjDHhkReyg9qQ4LHTOY
nzZl246F0BfhME8oasaBmRuiaUs+oAaBA5bvaKPb3sdoDaq01LtDXdUtbtyrZsGM
ZNJUuuDE8z/BVhATyrNT9O4U8/iUGhTgCsi4QO4jlIfqrAxJzNI3H5xHzosYWgSG
iZTwLIowBRNYvrDGkKaL2B38gwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAXoqGhO
LnxHXbhONSqwxSKui8NIMB8GA1UdIwQYMBaAFCVSkKAaqbkRi2bu2g+QX21A2wWu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUUxOS8zNTZGMkYzRUMx
QTUxMUU5QThCOEYzMzZDNEY5QUUwMi9KVktRb0JxcHVSR0xadTdhRDVCZmJVRGJC
YTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pWS1FvQnFwdVJHTFp1N2FENUJmYlVEYkJhNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjlFMTkvMzU2RjJGM0VDMUE1MTFFOUE4QjhGMzM2QzRGOUFFMDIvRDc0MTk4MUNC
ODU4MTFFREEzMkFGMjYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAHcnsIwDQYJKoZIhvcNAQELBQADggEBAId8/BM5oJIW6Xup
ZzeZC7cXs0hI1obg6huvaXCjMWe7cnyIGDPK0juE9x8kczf9JCfWenBU0vW4Tc9x
bX+m1nNcIfNCJUWT2seJ0lNmRCJoxCYqAx45rZ8QX928fVKi36nFCXMU+3MqVAbC
TMcZ6vqbBklWaIKY4r07KwKzwqr8SFRXK10Az0yZpZQRMG7dUDyxA9EIi9QLUDE9
BrgsktLgajk49qfhtbl+WC3xp+3SNiIZKU5jhqPDOpj20UdaHNQHEKiYn4U2+9XQ
3RGA1ClkcFgKs1ofLinai4vGEDiJeL/uXaQAi1frFXT9zCLvfwJK/KIUcXZew2Ay
yY+oYkA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org